Date: Mon, 16 Dec 1996 22:48:19 -0800 (PST) From: Archie Cobbs <archie@whistle.com> To: julian@whistle.com (Julian Elischer) Cc: jkh@time.cdrom.com, barry@Lustig.COM, owensc@enc.edu, current@freebsd.org Subject: Re: IP masquerading (for a LAN, _not_ PPP) Message-ID: <199612170648.WAA13466@bubba.whistle.com> In-Reply-To: <32B61D41.167EB0E7@whistle.com> from Julian Elischer at "Dec 16, 96 08:10:41 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
IMHO, the most useful way to implement ipfw is using divert sockets.. because it makes it a completely independent module that is easy to hack & develop from user mode. The disadvantage of course is that it's somewhat slower than a kernel-only implementation (we haven't found this to be a problem though). Although we can't release our code that does this right now, I'd be more than happy to "advise" anyone who is interested in porting any of the existing address translation code to use divert sockets... if it's written in a reasonably sane fashion, it shouldn't be very hard in any case. FWIW, -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612170648.WAA13466>